CVE-2006-0138

aMSN - Denial of Service via Crafted File-Transfer Data

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0138. PoCs published by Braulio Miguel Suarez Urquijo.

AI-analyzed exploit summary This Perl script exploits a remote denial-of-service vulnerability in aMSN by sending malformed PNG data to port 6891, causing the application to crash. The exploit repeatedly sends the payload to ensure the target remains unresponsive.

Description

aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891).

Exploits (1)

exploitdb WORKING POC VERIFIED

by Braulio Miguel Suarez Urquijo · perldosmultiple

https://www.exploit-db.com/exploits/37692

View Code ZIP pw:eip

This Perl script exploits a remote denial-of-service vulnerability in aMSN by sending malformed PNG data to port 6891, causing the application to crash. The exploit repeatedly sends the payload to ensure the target remains unresponsive.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: aMSN (version not specified)

No auth needed

Prerequisites: Network access to the target's port 6891 · aMSN running on the target system

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/22186

Exploit, Vendor Advisory x_refsource_misc

http://www.securiteam.com/exploits/5JP090KHFQ.html

Scores

EPSS 0.0628

EPSS Percentile 92.7%

Details

Status published

Products (1)

amsn/amsn

Published Jan 09, 2006

Tracked Since Feb 18, 2026